VYPR
Vendor

Online Ordering System Project

Products
1
CVEs
27
Across products
27
Status
Private

Products

1

Recent CVEs

27
View all 27 CVEs →
  • CVE-2026-8231MedMay 10, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in CodeAstro Online Catering Ordering System 1.0. This affects an unknown function of the file /deleteorder.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been…

  • CVE-2025-7755MedJul 17, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit_product.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated…

  • CVE-2023-2246Apr 23, 2023
    risk 0.03cvss epss 0.04

    A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. The attack…

  • CVE-2025-3141Apr 3, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated…

  • CVE-2025-3140Apr 3, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /view_category.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack…

  • CVE-2024-57328Jan 23, 2025
    risk 0.00cvss epss 0.01

    A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The vulnerability arises because the input fields username and password are not properly sanitized, allowing attackers to inject malicious SQL queries to bypass authentication and gain…

  • CVE-2023-45342Nov 2, 2023
    risk 0.00cvss epss 0.01

    Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-5423Oct 5, 2023
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirm_order. The manipulation of the argument id leads to sql injection. The attack can be…

  • CVE-2023-37150Jul 10, 2023
    risk 0.00cvss epss 0.01

    Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item.

  • CVE-2023-30092May 8, 2023
    risk 0.00cvss epss 0.01

    SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter.

  • CVE-2023-1460Mar 17, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=save_user of the component Password Change Handler. The manipulation leads to improper authentication.…

  • CVE-2023-1455Mar 17, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com'…

  • CVE-2023-1365Mar 13, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php. The manipulation of the argument username leads to sql injection. The attack may be launched…

  • CVE-2023-1364Mar 13, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file category.php of the component GET Parameter Handler. The manipulation of the argument id leads to…

  • CVE-2023-27207Mar 9, 2023
    risk 0.00cvss epss 0.01

    Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php.

  • CVE-2023-27210Mar 9, 2023
    risk 0.00cvss epss 0.01

    Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/view_order.php.

  • CVE-2023-27208Mar 9, 2023
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in /php-opos/login.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the redirect parameter.

  • CVE-2023-0988Feb 23, 2023
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. The attack may…

  • CVE-2023-0910Feb 18, 2023
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_prod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The…

  • CVE-2023-0906Feb 18, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. Affected by this vulnerability is the function delete_category of the file ajax.php of the component POST Parameter Handler. The manipulation leads to missing authentication. The…